jjonath

Johnny

@jjonath

Dedicated CISO Driving ISO, SOC, GDPR, PCI certifications and more

Israel
English, Hebrew, Russian
About me
A globally recognized cybersecurity executive, Johnny Jonathan brings 20+ years of elite experience in cyber, data protection, and enterprise security. As a seasoned CISO and strategic advisor, he guides companies ranging from hyper-growth startups to international enterprises through risk, compliance, and security transformation with surgical precision. Johnny specializes in building resilient security programs, aligning business goals with regulatory requirements (ISO 27001, SOC 2, GDPR, HIPAA), and leading high-impact incident response and cyber defense initiatives.

Average response time: 140 hours

See my services

Programming & Tech
I will deliver security awareness training
Programming & Tech
I will provide hourly expert data protection officer services

Work experience

Founder & vCISO

JONATHAN & CYBER

Feb 2020 - Present (6 yrs 3 mos)

vCISO & Strategic Advisory: Provides end-to-end CISO-as-a-Service, designing comprehensive security programs for tech companies across Israel, Europe, and the U.S.
Offensive Security (PT): Leads advanced Application and Infrastructure Penetration Testing, including web and cloud architecture reviews (AWS, Azure, GCP).
Compliance & Governance: Expert-level implementation of SOC2, ISO27001, ISO27799, HIPAA, and AI risk governance (ISO 42001).
Data Privacy: Manages complex privacy compliance frameworks, including GDPR, and HIPAA/DPA requirements.
Crisis & Training: Conducts high-level Cyber Security Table-Top simulations for executive teams and designs organization-wide security awareness training programs.

Chief Information Security Officer

Sapiens

May 2016 - Feb 2020 (3 yrs 9 mos)

Responsible for the global, enterprise-wide Information & Cyber Security program with a presence in 37 sites. Managed a global group of 15 Cyber Security Managers and Professionals. Managed the entire Cyber Security Operations for all Sapiens locations, both Corporate and Managed Services. Led the Risk Management process, including communication to Senior Management and mitigation plans. Led the Cyber Security Professional Services and support to the organization. Led the Global Awareness campaigns and drills to improve the company's readiness for an emergency. Established 24x7 tiered Global Cyber Security Centers, including Threat Intelligence, Threat Hunting and Automation. Established end-to-end Incident Response processes, including KPIs, SLAs, etc. Created Policies and Procedures to respond to Incidents, including Internal and External communication. Oversaw the development, implementation and monitoring of a strategic, comprehensive information security program and successfully led the certification process for Sapiens sites worldwide for the ISO 27001 framework adopted company-wide. Oversaw IT infrastructure and DR Services to the organization. Oversaw DR-in-the-Cloud projects using Azure and replication technologies. Developed and maintained relationships with all stakeholders, including Operations, IT, Legal, HR and others. Developed an internal Emergency Advisory System, Risk Assessment and Business Impact Analysis tools.

Chief Information Security Officer

Migdal Capital Markets

Apr 2013 - May 2016 (3 yrs 1 mo)

Oversaw and enforced Information Security regulations issued by the Tel Aviv Stock Exchange. Responsible for monitoring and ensuring corporate-wide IT information security. Designed and implemented an automated-response McAfee SIEM (Security Information and Event Management) environment consisting of 50+ custom real-time alerts and correlations. Designed and implemented an enterprise-wide ForeScout NAC (Network Access Control) system. Re-engineered and upgraded the existing Juniper IDP infrastructure to McAfee IPS (Intrusion Prevention System) so that network communications remained uninterrupted and secure. Deployed and configured Websense DLP (Data Loss Prevention) to discover pre-defined sensitive data on file servers, Exchange mailboxes, SharePoint sites, PSTs and SQL databases, while preventing critical data leakage from "in motion" sources (e-mails, removable media, downloads). No vulnerabilities were exploited once the program was established. Charged with evaluating new technologies while understanding the diverse market and identifying potential opportunities, ensuring that the projects were financially viable. Supplied strategic assistance in defining and determining the balance between organizational business needs, IT and Information Security requirements.